I'm grateful and humbled to be among the recipients of this great scholarship. This award has made it possible for me to be one step closer to achieving my dreams and I am thankful for the opportunity.

Numiopre “Pamela” Roberts, School of Social Work, 2017-18 recipient of the Southern Management Corporation Scholarship

IT Server Security Standard

This standard establishes a framework for ensuring that servers deployed within UMB’s campus are managed in a secure and predictable fashion. It is the responsibility of UMB network managers to protect and maintain the security of the networks they are charged with managing. System administrators are obliged to prevent trespassers from corrupting or misusing any segment of the enterprise network. Listed below are recommended standards to be followed by system administrators where technically feasible.

Scope

UMB is a distributed environment with corresponding local responsibilities. Support for campus enterprise applications is managed centrally. This security standard is recommended for all server resources within the physical area of the UMB campus and all users who access those resources. It pertains especially to those resources that support vital business functions and that maintain confidential, personal, or protected information.

Standard(s)

To maximize the security of the network server environment, the system administrator, where feasible:

Maintains physical access controls

Requires that administrator level passwords are a minimum of 8 characters long

Prevents the reuse of passwords over a 6 month period

Enforces password expiration at least every six months

Ensures that users have unique and separate server accounts

Uses antivirus software to ensure that files saved to servers are not infected

Recommends the use of antivirus software if the system supports email

Ensures that the primary administrator account is the only account with access to all files

Ensures that any new data copied onto a server is done in a fashion that logs the transaction/transfer

Ensures that only approved and licensed software is installed on the server

Provides the capability to log all confidential file access

Reviews activity logs for suspicious activity

Uses authentication between servers, as well as client and server, when transferring confidential data